Answer by Iceberg for Can IP tables allow specific DNS queries based on...
DOMAIN=www.example.com
str=$(perl -e 'print "|".join("|", map { sprintf("%02X", length($_))."|".$_ } split(/\./, "'$DOMAIN'") )."|"')
echo $str
iptables -I INPUT -p udp --dport 53 -m string --hex-string...
Answer by Romuald Brunet for Can IP tables allow specific DNS queries based...
To complement nrc's answer, here is a quick command to convert domains to the hexadecimal string:
DOMAIN=google.com
perl -e 'print map {chr(length($_)).$_} split /\./, "'$DOMAIN'"' | xxd -p
So, in your...
Answer by nrc for Can IP tables allow specific DNS queries based on domain name?
The dot "." in a DNS query is not represented as a character, but as the length of the string that follows. For example www.google.com is queried as
0x03 w w w 0x06 g o o g l e 0x03 c o m
you can easily...
Can IP tables allow specific DNS queries based on domain name?
I have iptables blocking all UDP traffic at the moment, however I want to allow only certain DNS queries to get through.
Let's use google.com as an example.
I am trying to use string matching to find the...